25 Sep
2013
25 Sep
'13
5:12 a.m.
[If I just sent a half-message, sorry; I fat-fingered.] Rick Moen <rick@linuxmafia.com> writes:
Kurt Roeckx's good-faith effort to fix OpenSSL RNG spaghetti code[1] was not 'a trapdoor', but rather an unsuccessful effort to polish the turd that is OpenSSL.
See also https://wiki.debian.org/SSLkeys OpenSSL has other issues https://people.gnome.org/~markmc/openssl-and-the-gpl.html Makes me wonder why OpenLDAP has such a hard-on for it. GnuTLS's user interface is sure as shit a lot friendlier than OpenSSL's.